WatchGuard Technologies SOHO Logging all allowed outbound traffic, Disabling Socks on the Soho

Page 73

Firewall Options

For the SOCKS proxy, enter the URL or IP address of the SOHO trusted network. The default IP address is 192.168.111.0.

Disabling SOCKS on the SOHO

Once you have used a SOCKS-compliant application through the SOHO, the primary SOCKS port is available to anyone on your trusted network. You can, however, close this security gap between uses of SOCKS applications.

1Enable the checkbox labeled Disable SOCKS proxy.

This disables the SOHO from acting as a SOCKS proxy.

2Click the Submit button.

When you need to use SOCKS again, follow this procedure:

1Disable the checkbox labeled Disable SOCKS proxy.

This enables the SOHO to act as a SOCKS proxy.

2Click the Submit button.

The SOHO is enabled again as a Proxy server and ready to pass SOCKS packets.

Logging all allowed outbound traffic

By default, the SOHO logs only particular events and not all traffic passing through it. For the most part, the SOHO records denied traffic. However, the SOHO can be configured to record all allowed outbound traffic.

NOTE As this option will record an extensive amount of log entries, WatchGuard recommends that it only be enabled for diagnostic purposes.

User Guide 5.0

73

Image 73
Contents WatchGuard Soho User Guide Page Following conventions are used throughout this guide Using this guideFCC Certification Certifications and NoticesCE Notice Industry CanadaTaiwanese Notice Vcci Notice Class a ITE Declaration of Conformity WatchGuard End-User License Agreement Page User Guide WatchGuard Limited Hardware Warranty User Guide Copyright and Patent Information Table of Contents Your Administrative Options Configuring Virtual Private Networking Page Welcome IntroductionHow does a firewall work? Registration and Identification InformationHow does a firewall work? IP Addresses How does information travel on the internet?Protocol Port numberHow does the Soho process this information? ServicesNetwork Address Translation NAT Soho Home Page-System Status Default Factory SettingsFirewall Settings Resetting a Soho to the Factory DefaultsBase Model Soho Rebooting a WatchGuard SohoRebooting a WatchGuard Soho Rebooting a WatchGuard Soho Before you begin Pre-installation checklistInstallation Process Microsoft Windows NT or Determine your current TCP/IP settingsMicrosoft Windows 95 or 98 or ME MacintoshExit the TCP/IP configuration screen Disable your browser’s Http proxyNetscape 6/6.1 NetscapeInternet Explorer 5.0/5.5 Physically connecting your SohoCabling the Soho for one to four devices Installation Process Cabling the Soho for more than four computers This creates a connection between the Soho and the modem Installation Process Network addressing Configuring Your External NetworkDouble-click the Network icon TCP/IP Properties dialog box appears Configuring the Soho External network for dynamic addressing On your computer Configuring the Soho External network for static addressingExternal On the SohoConfiguring the Soho external network for PPPoE From the Configuration Mode drop list, select PPPoE Client Click Automatically restore lost connections Release and renew the IP configuration Configure the Trusted network with static addresses Configuring Your Trusted NetworkRoutes Configure additional computers to the trusted network Configuring Static Routes View the Network Statistics Network Statistics View the Network Statistics System Security Your Administrative OptionsSetting a System Administrator Name and System Passphrase = System Security = VPN Manager Access Setting up VPN Manager AccessClick the Submit button Redeeming your Soho upgrade certificates Update Your Configuration from a Non- Windows Platform= Update = Upgrade Seat Licenses Upgrade certificates= View Configuration File View the Configuration FileView the Configuration File Configuring Incoming and Outgoing Services Firewall settingsIncoming or Outgoing Pre-configured ServicesCreating a Custom Service TCP and UDP Ports Custom ServiceIP Protocols Blocking External Sites Blocked Sites Firewall Options Firewall OptionsPing requests received on the External Network Socks implementation for the Soho Denying FTP access to the Trusted Network interfaceConfigure your Socks application Disabling Socks on the Soho Logging all allowed outbound trafficDMZ Creating a virtual DMZCreating a virtual DMZ Creating a virtual DMZ Viewing Soho log messages What is Logging?Wsep Logging Setting a WatchGuard Security Event Processor log hostOur example Syslog Logging Setting a Syslog HostSystem Time Setting the System TimeIf you have decided to use the WatchGuard Time Server Setting the System Time Setting the System Time How WebBlocker works WatchGuard Soho WebBlockerWeb site in WebBlocker database Web site not in WebBlocker databaseWatchGuard WebBlocker database unavailable WebBlocker Users and GroupsBypassing the Soho WebBlocker Purchasing and enabling Soho WebBlockerEnable WebBlocker Configuring the Soho WebBlockerSettings Enter the Inactivity Timeout in minutes Groups Create WebBlocker Groups and UsersTo the right of the Users field, click the New button Click the Submit button Alcohol/Tobacco WebBlocker categoriesDrug Culture Search Engines Click Check if the URL is on the CyberNOT List Searching for blocked sitesWhy create a virtual private network? Configuring Virtual Private NetworkingWhat you will need IP Address Table example Obtaining the VPN upgrade Step-by-step instructions for configuring a Soho VPN tunnelEnabling the VPN upgrade Special considerationsWhy do I need a static external address? Frequently asked questionsHow do I get a static external IP address? How do I obtain a VPN upgrade certificate? OK, why is ping not working?How do I connect three or four offices together? How do I troubleshoot the connection?Muvpn Clients How do I enable a VPN Tunnel?View the VPN Statistics View the VPN Statistics 104 How do I reboot my SOHO? TroubleshootingGeneral How do I register my SOHO? What do the on and Mode lights signify on the SOHO?What is a Soho feature key? Set a password on my unit, but I forgot it. Can you help?Cant get a certain Soho feature to work with a DSL modem How does the seat limitation on the Soho work?How do I install a Soho using a Macintosh? Where are the Soho settings stored? ConfigurationHow can I see the MAC address of my SOHO? How do I change to a Dhcp trusted IP address?How do I change to a static trusted IP address? How do I set up and disable Webblocker?Incoming WebBlockerVPN Management How do I set up VPN between two SOHOs? How do I set up my Soho for VPN Manager Access?Contacting Technical support Online Documenting and In-Depth FAQsSpecial Notices Database WebBlocker Default gateway 98 DNS service 116 User Guide 117 Socks